----- Original Message ----- From: "cornel" <[EMAIL PROTECTED]> To: "rlug" <[email protected]> Sent: Thursday, March 17, 2005 8:07 AM Subject: [rlug] Probleme cu traficu [newbie]
> Imi puteti spune careva, va rog, ce e cu adresele alea dubioase de pe > portul 80 ? > Ce am copiat aici e doar o parte din trafic ca is mult mai multe conexiuni > pe portul 80. Sunt cumva scanat sau flood-at sau ce se intampla ca > prostiile astea de adrese imi papa toata banda de pe interfata externa ? > Pls spuneti-mi careva cum sa scap de pacostea asta de adrese ? cred ca ai uitat sa citesti regulile 1.2 seteaza clientul de e-mail sa 'sparga' liniile la maxim 72 de caractere ? > > > > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp 0 0 0.0.0.0:20000 0.0.0.0:* LISTEN > 2201/perl > tcp 0 0 127.0.0.1:32768 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:32769 0.0.0.0:* > LISTEN - > tcp 0 0 0.0.0.0:2049 0.0.0.0:* > LISTEN - > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:2401 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:901 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:5222 0.0.0.0:* LISTEN > 1356/jabberd > tcp 0 0 0.0.0.0:5223 0.0.0.0:* LISTEN > 1356/jabberd > tcp 0 0 0.0.0.0:7 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN > 1428/amavisd (maste > tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN > 1702/mysqld > tcp 0 0 0.0.0.0:9098 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN > 1731/smbd > tcp 0 0 0.0.0.0:9099 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:750 0.0.0.0:* LISTEN > 993/ypserv > tcp 0 0 0.0.0.0:718 0.0.0.0:* LISTEN > 960/rpc.statd > tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN > 1568/spamd -d -c -a > tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN > 895/portmap > tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN > 1895/httpd2 > tcp 0 0 82.77.126.77:80 222.183.164.168:1334 > SYN_RECV - > tcp 0 0 82.77.126.77:80 69.172.116.36:61831 > SYN_RECV - > tcp 0 0 82.77.126.77:80 163.29.240.157:44938 > SYN_RECV - > tcp 0 0 82.77.126.77:80 66.219.98.71:2983 > SYN_RECV - > tcp 0 0 82.77.126.77:80 82.53.38.70:4253 > SYN_RECV - > tcp 0 0 82.77.126.77:80 203.187.52.28:64369 > SYN_RECV - > tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN > 1715/perl > tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN > 1705/(squid) > tcp 0 0 0.0.0.0:19 0.0.0.0:* LISTEN > 1241/xinetd > tcp 0 0 0.0.0.0:884 0.0.0.0:* LISTEN > 1129/rpc.ypxfrd > tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN > 1617/proftpd: (acce > tcp 0 0 0.0.0.0:5269 0.0.0.0:* LISTEN > 1356/jabberd > tcp 0 0 82.77.126.77:53 0.0.0.0:* LISTEN > 1178/named > tcp 0 0 172.27.37.1:53 0.0.0.0:* LISTEN > 1178/named > tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN > 1178/named > tcp 0 0 0.0.0.0:630 0.0.0.0:* LISTEN > 1299/rpc.mountd > tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN > 1217/sshd > tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN > 1951/ntop > tcp 0 0 0.0.0.0:600 0.0.0.0:* LISTEN > 1268/rpc.rquotad > tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN > 1522/master > tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN > 1178/named > tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN > 1895/httpd2 > tcp 0 0 0.0.0.0:7741 0.0.0.0:* LISTEN > 1936/lisa > tcp 0 920 82.77.126.77:80 217.85.76.231:2399 > LAST_ACK - > tcp 0 0 82.77.126.77:35564 66.228.193.97:80 > TIME_WAIT - > tcp 0 1 82.77.126.77:35731 66.102.11.104:80 > SYN_SENT 8660/httpd2 > tcp 0 0 82.77.126.77:80 69.163.9.17:4517 > ESTABLISHED 8766/httpd2 > tcp 0 0 82.77.126.77:35711 209.237.237.101:80 > TIME_WAIT - > tcp 0 9121 82.77.126.77:80 163.29.240.157:44881 > ESTABLISHED 8577/httpd2 > tcp 0 0 82.77.126.77:80 163.29.240.157:44369 > TIME_WAIT - > tcp 1 0 82.77.126.77:80 222.183.164.168:1498 > CLOSE_WAIT 8805/httpd2 > tcp 1 13600 82.77.126.77:80 172.143.41.193:4422 > CLOSE_WAIT 6784/httpd2 > tcp 0 0 82.77.126.77:80 221.232.128.2:57332 > TIME_WAIT - > tcp 0 0 82.77.126.77:35631 65.254.54.178:80 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 219.157.101.124:4314 > ESTABLISHED 8573/httpd2 > tcp 0 0 82.77.126.77:80 82.148.20.141:1069 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 68.111.69.45:4632 > ESTABLISHED 8841/httpd2 > tcp 1 0 82.77.126.77:80 69.163.9.17:4516 > CLOSE_WAIT 8419/httpd2 > tcp 0 0 82.77.126.77:35573 65.254.54.178:80 > TIME_WAIT - > tcp 0 1 82.77.126.77:35529 64.40.146.160:80 > LAST_ACK - > tcp 0 0 82.77.126.77:80 66.219.98.71:1697 > TIME_WAIT - > tcp 0 691 82.77.126.77:80 163.29.240.157:44656 > LAST_ACK - > tcp 1 13068 82.77.126.77:80 69.159.1.161:61759 > CLOSE_WAIT 8438/httpd2 > tcp 0 1 82.77.126.77:35446 209.67.50.203:80 > SYN_SENT 8838/httpd2 > tcp 1 0 82.77.126.77:80 222.183.164.168:1304 > CLOSE_WAIT 8758/httpd2 > tcp 0 0 82.77.126.77:80 69.175.79.156:1375 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 222.183.164.168:3896 > CLOSE_WAIT 8881/httpd2 > tcp 0 0 82.77.126.77:80 69.163.9.17:4519 > ESTABLISHED 8904/httpd2 > tcp 1 13140 82.77.126.77:80 163.29.240.157:42035 > CLOSE_WAIT 8625/httpd2 > tcp 0 691 82.77.126.77:80 163.29.240.157:44627 > FIN_WAIT1 - > tcp 0 0 82.77.126.77:80 24.166.136.216:3861 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 222.183.164.168:2232 > CLOSE_WAIT 8839/httpd2 > tcp 0 0 82.77.126.77:32845 63.241.68.198:80 > CLOSE_WAIT 8531/httpd2 > tcp 0 1 82.77.126.77:34963 66.218.74.170:80 > LAST_ACK - > tcp 0 0 82.77.126.77:80 221.208.116.111:3414 > TIME_WAIT - > tcp 1 0 82.77.126.77:80 69.163.9.17:4518 > CLOSE_WAIT 8892/httpd2 > tcp 1 0 82.77.126.77:80 67.141.161.56:3657 > CLOSE_WAIT 8731/httpd2 > tcp 0 0 82.77.126.77:35016 66.102.11.104:80 > ESTABLISHED 8658/httpd2 > tcp 0 0 82.77.126.77:80 208.157.10.33:3435 > ESTABLISHED 8915/httpd2 > tcp 0 1 82.77.126.77:80 80.203.37.222:64594 > FIN_WAIT1 - > tcp 0 0 82.77.126.77:80 82.148.20.141:4079 > TIME_WAIT - > tcp 0 0 127.0.0.1:32773 127.0.0.1:32772 > ESTABLISHED 1705/(squid) > tcp 0 707 82.77.126.77:80 66.142.96.33:61717 > LAST_ACK - > tcp 0 1 82.77.126.77:35688 66.98.188.31:80 > SYN_SENT 8766/httpd2 > tcp 1 0 82.77.126.77:80 69.163.9.17:4513 > CLOSE_WAIT 8780/httpd2 > tcp 0 1 82.77.126.77:35646 66.98.188.31:80 > SYN_SENT 8892/httpd2 > tcp 0 1 82.77.126.77:35647 66.98.188.31:80 > SYN_SENT 8920/httpd2 > tcp 0 1 82.77.126.77:35629 66.98.188.31:80 > SYN_SENT 8904/httpd2 > tcp 0 1 82.77.126.77:35624 66.98.188.31:80 > SYN_SENT 8780/httpd2 > tcp 0 1 82.77.126.77:35625 66.98.188.31:80 > SYN_SENT 8419/httpd2 > tcp 0 1 82.77.126.77:35604 66.98.188.31:80 > SYN_SENT 8916/httpd2 > tcp 0 1 82.77.126.77:35605 66.98.188.31:80 > SYN_SENT 8430/httpd2 > tcp 0 1 82.77.126.77:35602 66.98.188.31:80 > SYN_SENT 8840/httpd2 > tcp 0 1 82.77.126.77:35603 66.98.188.31:80 > SYN_SENT 8844/httpd2 > tcp 0 1 82.77.126.77:35614 66.98.188.31:80 > SYN_SENT 8877/httpd2 > tcp 0 0 82.77.126.77:80 69.229.195.165:2598 > TIME_WAIT - > tcp 1 13140 82.77.126.77:80 68.149.8.124:63131 > CLOSE_WAIT 8919/httpd2 > tcp 0 8760 82.77.126.77:80 221.232.128.2:65520 > ESTABLISHED 8914/httpd2 > tcp 0 0 127.0.0.1:32772 127.0.0.1:32773 > ESTABLISHED 1706/(squidGuard) > tcp 1 0 82.77.126.77:80 222.183.164.168:2879 > CLOSE_WAIT 8680/httpd2 > tcp 0 0 82.77.126.77:80 65.93.142.23:4831 > ESTABLISHED 8814/httpd2 > tcp 0 0 82.77.126.77:80 217.85.76.231:2362 > CLOSE_WAIT 8372/httpd2 > tcp 0 0 82.77.126.77:80 61.147.153.7:11542 > TIME_WAIT - > tcp 0 1648 82.77.126.77:80 82.73.97.103:3348 > LAST_ACK - > tcp 0 1 82.77.126.77:35537 66.98.188.31:80 > SYN_SENT 8906/httpd2 > tcp 0 1 82.77.126.77:35536 66.98.188.31:80 > SYN_SENT 8566/httpd2 > tcp 0 0 82.77.126.77:80 66.219.98.71:2149 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 12.164.51.244:3239 > TIME_WAIT - > tcp 0 1 82.77.126.77:35535 66.98.188.31:80 > SYN_SENT 8560/httpd2 > tcp 0 0 82.77.126.77:80 222.183.164.168:2015 > CLOSE_WAIT 8406/httpd2 > tcp 0 0 82.77.126.77:80 67.87.223.59:1864 > TIME_WAIT - > tcp 0 1648 82.77.126.77:80 65.0.157.232:50033 > FIN_WAIT1 8759/httpd2 > tcp 0 0 127.0.0.1:32775 127.0.0.1:32774 > ESTABLISHED 1705/(squid) > tcp 0 1 82.77.126.77:35733 217.160.227.223:80 > SYN_SENT 8894/httpd2 > tcp 1 0 82.77.126.77:80 69.163.9.17:4515 > CLOSE_WAIT 8920/httpd2 > tcp 0 0 82.77.126.77:35595 66.35.238.14:80 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 80.143.88.161:62001 > TIME_WAIT - > tcp 0 1341 82.77.126.77:80 222.153.63.229:50820 > LAST_ACK - > tcp 1 0 82.77.126.77:80 222.183.164.168:2748 > CLOSE_WAIT 8866/httpd2 > tcp 0 1 82.77.126.77:80 218.56.175.31:18640 > LAST_ACK - > tcp 0 0 82.77.126.77:35694 217.160.227.223:80 > TIME_WAIT - > tcp 0 0 127.0.0.1:32774 127.0.0.1:32775 > ESTABLISHED 1707/(squidGuard) > tcp 1 0 82.77.126.77:80 208.157.10.33:4623 > CLOSE_WAIT 8532/httpd2 > tcp 0 0 82.77.126.77:80 222.183.164.168:1853 > CLOSE_WAIT 8764/httpd2 > tcp 0 0 82.77.126.77:80 217.83.47.179:26153 > ESTABLISHED 8778/httpd2 > tcp 1 0 82.77.126.77:80 69.163.9.17:4514 > CLOSE_WAIT 8877/httpd2 > tcp 0 0 82.77.126.77:80 222.183.164.168:1917 > CLOSE_WAIT 8765/httpd2 > tcp 0 745 82.77.126.77:80 210.6.198.130:53060 > LAST_ACK - > tcp 0 0 82.77.126.77:80 222.183.164.168:3709 > CLOSE_WAIT 8860/httpd2 > tcp 0 0 82.77.126.77:34532 64.21.63.5:80 > ESTABLISHED 8696/httpd2 > tcp 0 707 82.77.126.77:80 67.177.122.220:3665 > LAST_ACK - > tcp 0 0 82.77.126.77:80 65.110.39.180:48603 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 67.162.149.61:2451 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 80.139.214.57:64893 > TIME_WAIT - > tcp 1 0 82.77.126.77:80 222.183.164.168:2525 > CLOSE_WAIT 8912/httpd2 > tcp 0 0 127.0.0.1:32777 127.0.0.1:32776 > ESTABLISHED 1705/(squid) > tcp 1 0 82.77.126.77:80 217.85.76.231:2391 > CLOSE_WAIT 8533/httpd2 > tcp 1 0 82.77.126.77:80 222.183.164.168:1298 > CLOSE_WAIT 8889/httpd2 > tcp 0 0 82.77.126.77:35659 69.93.148.36:80 > TIME_WAIT - > tcp 0 0 82.77.126.77:35698 64.255.161.140:80 > TIME_WAIT - > tcp 1 0 82.77.126.77:80 217.85.76.231:2327 > CLOSE_WAIT 8684/httpd2 > tcp 0 0 82.77.126.77:80 66.63.217.244:3451 > TIME_WAIT - > tcp 0 0 82.77.126.77:80 163.29.240.157:44921 > ESTABLISHED 8898/httpd2 > tcp 0 0 82.77.126.77:35717 64.255.161.140:80 > TIME_WAIT - > tcp 0 626 82.77.126.77:80 222.76.45.126:52617 > FIN_WAIT1 - > tcp 0 0 127.0.0.1:32776 127.0.0.1:32777 > ESTABLISHED 1708/(squidGuard) > +-----------------------------------------------------------------------+ > !Acest mesaj a fost scanat impotriva virusilor si continutului periculos! > ! de catre MailScanner si este considerat a fi nevirusat. ! > +-----------------------------------------------------------------------+ > > > > --- > Detalii despre listele noastre de mail: http://www.lug.ro/ > > > .......................................................................... Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible fordelivery of the message to such person), you may not copy or deliver this message to anyone. In such a case, you should destroy this message and kindly notify the sender by reply e-mail. --- Detalii despre listele noastre de mail: http://www.lug.ro/
